Run demo.sh on vanilla Openstack

I see from time to time people having issues to run demo.sh on an vanilla Openstack (vOS for short) environment. Here are the steps which helped us to get demo.sh running on Ocata:

Rackspace Authentication endpoint

If the first FAIL is mentioned as "access", you might try to authenticate against Rackspace, even if you are using your own vOS instance

• ssh into the robot_vm

• Edit /opt/eteshare/config/integration_robot_properties.py

• at about line 30, there is an assignment to GLOBAL_OPENSTACK_KEYSTONE_SERVER

• change this to GLOBAL_OPENSTACK_KEYSTONE_SERVER=http://<your-controller-ip>:5000

  • be careful to use the correct scheme (the  original scheme is https, your controller might use http)

  • be careful to add the port number

Change POST data template

The Rackspage API seems to differ a bit from the vOS API as it adds a some extra fields in the returned JSON. To get the same from vOS, you need to change the template used for the token request to vOS

• ssh to robot_vm

• docker cp openecompete_container:/var/opt/OpenECOMP_ETE/robot/assets/templates/keystone_get_auth.template keystone_get_auth.template

• add  the tenantName field (be sure not to forget the extra ','); tenant is sometime synonymous used for project in vOS

  {

    "auth": {

      "passwordCredentials": {

        "username": "${username}",

        "password": "${password}"

      },

     "tenantName": "<your-tenant-name>"

    }
  }

• docker cp keystone_get_auth.template openecompete_container:/var/opt/OpenECOMP_ETE/robot/assets/templates/keystone_get_auth.template

SSL error during run

Sometimes demo.sh fails with ssl errors. If that happens, you can add two lines in the python file to avoid this.

• ssh to robot_vm

• docker cp openecompete_container:/var/opt/OpenECOMP_ETE/robot/library/RequestsLibrary/RequestsKeywords.py RequestsKeywords.py

• edit RequestsKeywords.py to add two new lines (in red)
  import sys
  import urllib3
  urllib3.disable_warnings();

• docker cp RequestsKeywords.py openecompete_container:/var/opt/OpenECOMP_ETE/robot/library/RequestsLibrary/RequestsKeywords.py
  
  
  
  

AAI bulk add request getting failed

Rackspace needs tenant id( or may be name and id is same hence doesn’t make a difference in Rackspace) for authentication whereas Openstack Mitaka (we are using Mitaka for Other openstack version this might not be the case ) is using the tenant name for authentication.

Because of which at the Heat Bridge step we were getting authentication error. We changed few python files to overcome this error.

1.   robot\library\heatbridge\HeatBridge.py (adding extra parameter tenantName )

   Before :

    def init_bridge(self, openstack_identity_url, username, password, tenant, region, owner):

        self.om = OpenstackManager(openstack_identity_url, OpenstackContext(username, password, tenant, region, owner));

        self.am = AAIManager(OpenstackContext(username, password, tenant, region, owner));

  After :

           def init_bridge(self, openstack_identity_url, username, password, tenant, region, owner, tenantName):

           self.om = OpenstackManager(openstack_identity_url, OpenstackContext(username, password, tenantName, region, owner,tenantName));

           self.am = AAIManager(OpenstackContext(username, password, tenant, region, owner,tenantName));

class OpenstackContext:

    """OpenstackContext is a simple class that holds the provided information that heatbridge uses."""   

    #this holds the info of the openstack clients

    username = None;

    password = None;

    tenant = None;

    region = None;

    owner = None;

    tenantName= None;

    def __init__(self, username, password, tenant, region, owner,tenantName):

        self.username = username;

        self.password = password;

        self.tenant = tenant;

        self.region = region;

        self.owner = owner;

        self.tenantName = tenantName;

Init Bridge    ${openstack_identity_url}    ${user}    ${pass}    ${tenant_id}    ${region}   ${GLOBAL_AAI_CLOUD_OWNER}   ${GLOBAL_VM_PROPERTIES['openstack_tenant']}

"openstack_tenant" : "<your tenant Name>",

API version Error

/opt/demo.sh appc <DemoModule>

Running ./demo.sh appc DemoModule you might also end up with an error like "error KeyError: 'tenantId'". See a solution from kranthi here: unnamed link

Running ./demo.sh appc DemoModule you might also end up with an error like "error KeyError: 'public'". See a solution from kranthi here: unnamed link

Heat file changes :

For vfw and vlb we faced few issues related to images we were using. I have attached the heat files here for reference incase you need. 

1. SSH login was not getting successful during the validation stage so we had to add below lines to the files. 

  cat /root/.ssh/authorized_keys | awk {'print $14" "$15" "$16'} > /tmp/authorized_keys

            cp /tmp/authorized_keys /root/.ssh/authorized_keys 

     2.  Adding default gateway and interface  to the iptable 

    route del -net 0.0.0.0/0

            route add -net 0.0.0.0/0 gw <public gateway ip>

            echo "auto eth2" >> /etc/network/interfaces

            echo "iface eth2 inet dhcp" >> /etc/network/interfaces

            echo "auto eth3" >> /etc/network/interfaces

            echo "iface eth3 inet dhcp" >> /etc/network/interfaces

            ifup eth2

            ifup eth3       

    3. Maven dependency failure with error “Peer not authenticated.” Added below statement to all mvn commands. 

mvn org.apache.maven.plugins:maven-dependency-plugin:2.10:get -DremoteRepositories=$REPO_URL_ARTIFACTS -Dartifact=org.openecomp.demo.vnf:sample-distribution:$DEMO_ARTIFACTS_VERSION:tar.gz:hc -Dtransitive=false -Ddest=. -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true 

   4. Flush all the iptable rules which was filtering the packets from flowing.

            iptables -F

            iptables -P INPUT ACCEPT

            iptables -P FORWARD ACCEPT

            iptables -P OUTPUT ACCEPT